Am I crazy in thinking that the shop I was in that has CentOS 3 running their self checkouts should have a more up to date and currently supported OS? These are brand new self checkouts (the shop has had them for about a year now, but you get my point.)

It’s a genuine question. Am I wrong in thinking that using this OS on a self checkout is a terrible idea? (FWIW this shop is an international retailer)

I have no stake in the shop or anything. I just happened to be there when they had to reboot a self checkout and I noticed the OS version as I was going by.

  • CountVon@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    39
    ·
    4 months ago

    It’s likely CentOS 7.9, which was released in Nov. 2020 and shipped with kernel version 3.10.0-1160. It’s not completely ridiculous for a one year old POS systems to have a four year old OS. Design for those systems probably started a few years ago, when CentOS 7.9 was relatively recent. For an embedded system the bias would have been toward an established and mature OS, and CentOS 8.x was likely considered “too new” at the time they were speccing these systems. Remotely upgrading between major releases would not be advisable in an embedded system. The RHEL/CentOS in-place upgrade story is… not great. There was zero support for in-place upgrade until RHEL/CentOS 7, and it’s still considered “at your own risk” (source).

    • Fonzie!@ttrpg.network
      link
      fedilink
      arrow-up
      2
      ·
      4 months ago

      Then there’s Dutch trains from NS running the time schedules on Vista until a few years ago…

  • VHS [he/him]@hexbear.net
    link
    fedilink
    English
    arrow-up
    20
    arrow-down
    1
    ·
    edit-2
    4 months ago

    It’s not CentOS 3, it’s CentOS with Linux kernel 3.10 (a 2014 kernel). This was supported in RHEL/CentOS through 2017.

    Still very dated and a bad idea, of course. And even weirder that it’s on a new machine. I’ve seen tons of stores using Win7 past it’s EOL, but on older hardware.

    • dannoffs [he/him]@hexbear.net
      link
      fedilink
      arrow-up
      12
      ·
      edit-2
      4 months ago

      Its 3.10.0-1160, which means it’s CentOS 7.9 that was released at the end of 2020. It was a super old kernel at the time of release though.

      RHEL 7 just ended maintenance support a month ago and there’s 4 years of ELS before it’s completely end of life.

    • harsh3466@lemmy.mlOP
      link
      fedilink
      arrow-up
      4
      ·
      4 months ago

      Ah. I didn’t catch that it was the 3.10 kernel. But, as you say, still dated. I thought it was a bad idea, especially in new hardware.

  • TimeSquirrel@kbin.melroy.org
    link
    fedilink
    arrow-up
    11
    ·
    4 months ago

    What is the risk if it’s all on a closed internal network? You can safely run Windows 98 as long as you’re very careful about what goes in and out at your gateway.

    Commerical networks tend to be a bit more robust than Joe Schmoe’s basement router. It’s a giant pain to keep up with each and every update on everything a store uses (not just self checkouts, things like CCTV systems, HVAC monitoring, electronic signage like smart screens, etc.) so usually it’s all controlled at the network level.

    I install CCTV, I guarantee you more than three quarters of the DVRs and PoE cameras I install never get updated and are “set and forget”. I’ve pulled out 10-15 year old cameras still with original firmware in giant national chain stores when they do refreshes of their infrastructure.

      • TimeSquirrel@kbin.melroy.org
        link
        fedilink
        arrow-up
        2
        ·
        4 months ago

        I’m sure it’s not directly connected with an externally accessible IP. It’s either communicating with a backoffice server, or on a secure VPN tunnel to the rest of the corporate network.

        • delirious_owl@discuss.online
          link
          fedilink
          arrow-up
          1
          ·
          4 months ago

          The point is that it shouldn’t be accessible, but a vulnerability would make it accessible. Its connected to the internet. Its a risk.

  • bloodfart@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    4 months ago

    I think I recognize that system by the monitor glare, where’d you take the picture?

    • delirious_owl@discuss.online
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      Cent7 stopped getting updates last month. There is at least one mirror still providing the old updates. Not sure about newer versions

    • tfw_no_toiletpaper@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      It does not, a few Cisco appliances in our company run / ran cent and AFAIK the infra teams all had to migrate to alma and move everything over with some script from Cisco.